Unrated severityNVD Advisory· Published Jun 1, 2010· Updated Jun 16, 2026
CVE-2010-2125
CVE-2010-2125
Description
Multiple cross-site scripting (XSS) vulnerabilities in the Rotor Banner module 5.x before 5.x-1.8 and 6.x before 6.x-2.5 for Drupal allow remote authenticated users, with "create rotor item" or "edit any rotor item" privileges, to inject arbitrary web script or HTML via the (1) srs, (2) title, or (3) alt image attribute.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
26cpe:2.3:a:systemseed:rotor:5.x-1.0:*:*:*:*:*:*:*+ 24 more
- cpe:2.3:a:systemseed:rotor:5.x-1.0:*:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:5.x-1.1:*:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:5.x-1.2:*:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:5.x-1.3:*:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:5.x-1.4:*:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:5.x-1.5:*:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:5.x-1.6:*:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:5.x-1.7:*:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:5.x-1.x:dev:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:6.x-1.0:*:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:6.x-1.1:*:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:6.x-1.2:*:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:6.x-1.3:*:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:6.x-1.4:*:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:6.x-1.x:dev:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:6.x-2.0:*:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:6.x-2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:6.x-2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:6.x-2.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:6.x-2.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:6.x-2.1:*:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:6.x-2.2:*:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:6.x-2.3:*:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:6.x-2.4:*:*:*:*:*:*:*
- cpe:2.3:a:systemseed:rotor:6.x-2.x:dev:*:*:*:*:*:*
- Range: <5.x-1.8, <6.x-2.5
Patches
Vulnerability mechanics
References
4- drupal.org/node/803930nvdPatchVendor Advisory
- secunia.com/advisories/39883nvdVendor Advisory
- www.osvdb.org/64770nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/58719nvd
News mentions
0No linked articles in our index yet.